CVE-2015-3902

Source
https://nvd.nist.gov/vuln/detail/CVE-2015-3902
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2015-3902.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2015-3902
Related
Published
2015-05-26T15:59:10Z
Modified
2024-06-04T04:00:19Z
Summary
[none]
Details

Multiple cross-site request forgery (CSRF) vulnerabilities in the setup process in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 allow remote attackers to hijack the authentication of administrators for requests that modify the configuration file.

References

Affected packages

Debian:11 / phpmyadmin

Package

Name
phpmyadmin
Purl
pkg:deb/debian/phpmyadmin?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4:4.4.6.1-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / phpmyadmin

Package

Name
phpmyadmin
Purl
pkg:deb/debian/phpmyadmin?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4:4.4.6.1-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / phpmyadmin

Package

Name
phpmyadmin
Purl
pkg:deb/debian/phpmyadmin?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4:4.4.6.1-1

Ecosystem specific

{
    "urgency": "unimportant"
}